---
- name: disable zram SWAP on builders, it is too small, issue 2077
  package: name=zram-generator-defaults state=absent
  when:
    - prepare_base_image is defined

- name: drop extremely slow libvirt resolver
  lineinfile:
    dest: /etc/resolv.conf
    regexp: 'nameserver 192.168.122.1'
    state: 'absent'
  when:
    - prepare_base_image is not defined
    - "'osuosl' in lookup('env', 'RESALLOC_NAME')"

- name: setup the hostname so we can easily identify the box
  hostname: name="{{ lookup('env', 'RESALLOC_NAME') | default('unknown-builder') | replace('_', '-') }}"
  when: prepare_base_image is not defined

- name: put infra repos into yum.repos.d
  copy: src=files/dnf/infra-tags.repo dest=/etc/yum.repos.d
  #when:
  #- prepare_base_image is defined

- name: put infra stg repos into yum.repos.d if staging
  copy: src=files/dnf/infra-tags-stg.repo dest=/etc/yum.repos.d
  when:
    - devel
    - prepare_base_image is not defined

- name: disable updates-testing
  file:
    path: /etc/yum.repos.d/fedora-updates-testing.repo
    state: absent

- name: update the system
  dnf:
    state: latest
    name: "*"
    exclude:
      # https://bugzilla.redhat.com/show_bug.cgi?id=2047266
      # This is important for the AWS images only.  Other images (like libvirt,
      # IBM Cloud, etc.) are already updated.
      - kernel-core
  when: prepare_base_image is defined
  register: system_updated

- name: disable updates-testing, could be restored after update
  file:
    path: /etc/yum.repos.d/fedora-updates-testing.repo
    state: absent
  when: system_updated.changed

 #- name: enable copr repo in staging
 #  community.general.copr:
 #    state: enabled
 #    name: "{{ item }}"
 #  with_items:
 #    - "@copr/copr"
 #  when:
 #    - devel
 #    - prepare_base_image is not defined

- name: clean dnf cache before checking for updated packages
  shell: dnf clean all
  when:
    - prepare_base_image is defined

- name: set lower metadata expire time to enforce download
  ini_file: dest=/etc/dnf/dnf.conf section=main option=metadata_expire value=1h
  when:
    - prepare_base_image is defined

# https://fedoraproject.org/wiki/Changes/StrongCryptoSettings
- name: fallback to the legacy crypto policies
  command: update-crypto-policies --set DEFAULT:FEDORA32
  when:
    - prepare_base_image is defined

# NetworkManager-wait-online takes too long on VMS on our hypervisors.  And we
# don't seem to need hcn-init service triggering that.
- name: disable hcn-init service on ppc64le which implies NetworkManager-wait-online
  service:
    name: hcn-init.service
    state: stopped
    enabled: no
  failed_when: false
  when: prepare_base_image is defined

- name: install subscription-manager
  package: name=subscription-manager state=present
  when:
    - prepare_base_image is defined

- name: install the subscription-manager script
  copy:
    src: copr-rh-subscribe.sh
    dest: /usr/local/bin/copr-rh-subscribe.sh
    mode: 0755
  when:
    - prepare_base_image is defined

- name: Activate Red Hat Subscription
  shell:
    cmd: >
      /usr/local/bin/copr-rh-subscribe.sh
      --pool-id 8a85f9a17c71102f017ce611251c770f
      --user copr-team
      --pass "{{ copr_red_hat_subscription_password }}"
      --system "{{ lookup('env', 'RESALLOC_NAME') | default('unknown-builder') }}"
  no_log: true
  when: prepare_base_image is not defined

- name: stop and disable systemd-oomd, rhbz 2051154
  service:
    name: systemd-oomd
    state: stopped
    enabled: no

# TODO: remove entirely once this isn't baked into images
- name: allow allocating large memory chunks on builders, rhbz 2051154
  sysctl:
    name: vm.overcommit_memory
    value: 0
    state: present
  when:
    - prepare_base_image is not defined

- name: install copr-builder and other latest packages
  dnf: state=latest pkg={{ packages }}
  vars:
    packages:
      - copr-builder

- name: put updated mock configs into /etc/mock
  copy: src=files/mock/ dest=/etc/copr-rpmbuild/mock-config-overrides
  # conditional, per https://pagure.io/copr/copr/issue/1189 - as we don't want
  # to bake broken mock configuration into the image.
  when:
  - prepare_base_image is not defined

- name: run /bin/copr-update-builder from copr-builder package
  shell: /usr/bin/copr-update-builder

#- name: install the latest mock and mock-core-configs from updates-testing
#  package: state=latest name={{ packages }}
#  register: mock_updated
#  vars:
#    packages:
#    - https://kojipkgs.fedoraproject.org/packages/mock/2.2/1.fc31/noarch/mock-2.2-1.fc31.noarch.rpm
#    - https://kojipkgs.fedoraproject.org/packages/mock-core-configs/32.6/1.fc31/noarch/mock-core-configs-32.6-1.fc31.noarch.rpm
#
# - name: re-run copr-update builder when mock/mock-core-configs are updated
#   shell: /usr/bin/copr-update-builder
#   when: mock_updated.changed

- name: put copr-rpmbuild configuration file in the right place
  copy: src=files/main.ini dest=/etc/copr-rpmbuild/main.ini

- name: mockbuilder user
  user: name=mockbuilder groups=mock
  when:
    - prepare_base_image is defined

- name: mockbuilder .ssh
  file: state=directory path=/home/mockbuilder/.ssh mode=0700 owner=mockbuilder group=mockbuilder
  when:
    - prepare_base_image is defined

- name: mockbuilder authorized_keys
  authorized_key: user=mockbuilder key='{{ lookup('file', 'files/buildsys.pub') }}'

- name: root authorized_keys
  authorized_key: user=root key='{{ lookup('file', 'files/buildsys.pub') }}'

- name: setup 10x more fds in limits.conf
  copy:
    content: |
      * soft nofile 10240
      * hard nofile 10240
    dest: /etc/security/limits.d/50-copr-fds.conf
    owner: root
    group: root
    mode: 0644
  when:
    - prepare_base_image is defined

- name: disable core dumps
  ini_file: dest=/etc/systemd/coredump.conf section=Coredump option=Storage value=none
  when:
    - prepare_base_image is defined

- name: 'Remove %_install_langs from /etc/rpm/macros.image-language-conf'
  lineinfile:
    dest: '/etc/rpm/macros.image-language-conf'
    regexp: '^%_install_lang.*'
    state: 'absent'
  when:
    - prepare_base_image is defined

- name: Disable DNF makecache timer
  systemd:
    name: dnf-makecache.timer
    state: stopped
    enabled: no
  when:
    - prepare_base_image is defined

- name: Disable DNF makecache service
  systemd:
    name: dnf-makecache.service
    state: stopped
    enabled: no
  when:
    - prepare_base_image is defined

- name: mount cache filesystem on /var/cache/mock
  mount: path=/var/cache/mock state=mounted src=mock_cache_tmpfs fstype=tmpfs opts="size=32G"

- name: Collect facts about builder hardware
  setup:
    gather_subset:
    - hardware

- name: Make sure that at least 135G of swap is available
  assert:
    that:
      - ansible_memory_mb.swap.free >= 1024 * 135
    fail_msg: "Swap is not available, the builder is unusable"
    success_msg: "Swap seems to be available for this builder"
  when:
  - prepare_base_image is not defined
